﻿using System;
using System.Data;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data.SqlClient;

namespace RealEstateCenter
{

    public class est_login
    {
        public bool login(string username, string password)
        {
            string connectionString;
            SqlConnection sqlconnect;
            connectionString = @"Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|RealEstateCenter.mdf;Integrated Security=True;User Instance=True";
            sqlconnect = new SqlConnection(connectionString);
            SqlCommand cmd = new SqlCommand("select * from Agency where agency_username='"+username+"' and agency_password='"+password+"'", sqlconnect);
            sqlconnect.Open();
            SqlDataReader dtrReader = cmd.ExecuteReader();

            if (dtrReader.Read())
            {
                HttpContext.Current.Session["agency_id"] = dtrReader["agency_id"].ToString();
                HttpContext.Current.Session["agency_name"] = dtrReader["agency_name"].ToString();
                HttpContext.Current.Session["agency_tel_no"] = dtrReader["agency_tel_no"].ToString();
                HttpContext.Current.Session["agency_address"] = dtrReader["agency_address"].ToString();
                HttpContext.Current.Session["agency_mail"] = dtrReader["agency_mail"].ToString();
                HttpContext.Current.Session["agency_city"] = dtrReader["agency_city"].ToString();
                sqlconnect.Close();
                return true;
            }
            else
            {
                sqlconnect.Close();
                return false;
            }
        }
    }

    public class login_check
    {
        public login_check(string cmp)
        {
            if (HttpContext.Current.Session["user_type"] == null || HttpContext.Current.Session["user_type"].ToString() != cmp)
                HttpContext.Current.Response.Redirect("Default.aspx");
        }
    }
}
